villebro commented on a change in pull request #8867: Make schema name for the
CTA queries and limit configurable
URL:
https://github.com/apache/incubator-superset/pull/8867#discussion_r374888673
##########
File path: .travis.yml
##########
@@ -92,7 +92,7 @@ jobs:
- redis-server
before_script:
- psql -U postgres -c "CREATE DATABASE superset;"
- - psql -U postgres -c "CREATE USER postgresuser WITH PASSWORD
'pguserpassword';"
+ - psql -U postgres -c "CREATE USER postgresuser WITH PASSWORD
'pguserpassword' SUPERUSER;"
Review comment:
While this may be ok for CI, I wonder if this might open up possible
problems where we assume that the backend db user has more rights than it
should have? A quick glance at the docs revealed the following:
https://www.postgresql.org/docs/10/role-attributes.html
> superuser status
A database superuser bypasses all permission checks, except the right to log
in. This is a dangerous privilege and should not be used carelessly; it is best
to do most of your work as a role that is not a superuser.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
